﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data;
using System.Data.SqlClient;
using System.Security.Cryptography;
using System.Text;

/// <summary>
/// Summary description for UsersController
/// </summary>
public class UsersController:Interface
{
    private SqlConnection con;
	public UsersController()
	{
	    con = ConnectDB.Connect();
        ConnectDB.Open();
	}
    #region Insert
    public int Insert(object obj)
    {
        try
        {
            SqlCommand cmd = new SqlCommand();
            cmd.Connection = con;
            cmd.CommandText = "Insert_User";
            cmd.CommandType = CommandType.StoredProcedure;
            Users user = (Users)obj;
            cmd.Parameters.Add("@permission_id", SqlDbType.Int).Value = user.Permission_id;
            cmd.Parameters.Add("@username", SqlDbType.VarChar,50).Value = user.Username;
            cmd.Parameters.Add("@password", SqlDbType.Text).Value = user.Password;
            cmd.Parameters.Add("@address", SqlDbType.NText).Value = user.Address;
            cmd.Parameters.Add("@email", SqlDbType.Text).Value = user.Email;
            cmd.Parameters.Add("@phone", SqlDbType.VarChar,50).Value = user.Phone;
            cmd.Parameters.Add("@birthday", SqlDbType.DateTime).Value = user.Birthday;
            cmd.Parameters.Add("@province", SqlDbType.NText).Value = user.Province;
            cmd.Parameters.Add("@district", SqlDbType.NText).Value = user.District;
            cmd.Parameters.Add("@status", SqlDbType.Bit).Value = user.Status;
            cmd.Parameters.Add("@dateStart", SqlDbType.DateTime).Value = user.DateStart;
            
            return cmd.ExecuteNonQuery();
        }
        catch (Exception)
        {
            return 0;
            throw;
        }
    }
    #endregion
    #region update
    public int Update(object obj)
    {
        try
        {
            SqlCommand cmd = new SqlCommand();
            cmd.Connection = con;
            cmd.CommandText = "Update_User";
            cmd.CommandType = CommandType.StoredProcedure;
            Users user = (Users)obj;
            cmd.Parameters.Add("@user_id", SqlDbType.Int).Value = user.User_id;
            cmd.Parameters.Add("@permission_id", SqlDbType.Int).Value = user.Permission_id;
            cmd.Parameters.Add("@username", SqlDbType.VarChar, 50).Value = user.Username;
            cmd.Parameters.Add("@password", SqlDbType.Text).Value = user.Password;
            cmd.Parameters.Add("@address", SqlDbType.NText).Value = user.Address;
            cmd.Parameters.Add("@email", SqlDbType.Text).Value = user.Email;
            cmd.Parameters.Add("@phone", SqlDbType.VarChar, 50).Value = user.Phone;
            cmd.Parameters.Add("@birthday", SqlDbType.DateTime).Value = user.Birthday;
            cmd.Parameters.Add("@province", SqlDbType.NText).Value = user.Province;
            cmd.Parameters.Add("@district", SqlDbType.NText).Value = user.District;
            cmd.Parameters.Add("@status", SqlDbType.Bit).Value = user.Status;
            cmd.Parameters.Add("@dateStart", SqlDbType.DateTime).Value = user.DateStart;

            return cmd.ExecuteNonQuery();
        }
        catch (Exception)
        {
            return 0;
            throw;
        }
    }
#endregion
    #region delete
    public int Delete(int id)
    {
        try
        {
            SqlCommand cmd = new SqlCommand();
            cmd.Connection = con;
            cmd.CommandText = "Delete_User";
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.Add("@user_id", SqlDbType.Int).Value = id;
            return cmd.ExecuteNonQuery();
        }
        catch (Exception)
        {
            return 0;
            throw;
        }
    }
    #endregion
    #region getAll
    public DataTable GetAll()
    {
        DataTable dt = new DataTable();
        try
        {
            SqlCommand cmd = new SqlCommand();
            cmd.CommandText = "SELECT * FROM Select_All_User WHERE [status]=1 ORDER BY dateStart DESC";
            cmd.CommandType = CommandType.Text;
            SqlDataAdapter da = new SqlDataAdapter();
            cmd.Connection = con;
            da.SelectCommand = cmd;
            da.Fill(dt);
            return dt;
        }
        catch (Exception)
        {

            return null;
            throw;
        }
    }
    #endregion
    #region GetById
    public DataTable GetByID(int id)
    {
        DataTable dt = new DataTable();
        try
        {
            SqlCommand cmd = new SqlCommand();
            cmd.CommandText = "SELECT * FROM Select_All_User WHERE [user_id]=@id";
            cmd.Parameters.AddWithValue("@id", id);
            cmd.CommandType = CommandType.Text;
            SqlDataAdapter da = new SqlDataAdapter();
            cmd.Connection = con;
            da.SelectCommand = cmd;
            da.Fill(dt);
            return dt;
        }
        catch (Exception)
        {

            return null;
            throw;
        }
    }
    #endregion
    #region GetByUserName
    public DataTable GetByUsername(string username)
    {
        DataTable dt = new DataTable();
        try
        {
            SqlCommand cmd = new SqlCommand();
            cmd.CommandText = "SELECT * FROM Select_All_User WHERE [username]=@username";
            cmd.Parameters.AddWithValue("@username", username);
            cmd.CommandType = CommandType.Text;
            SqlDataAdapter da = new SqlDataAdapter();
            cmd.Connection = con;
            da.SelectCommand = cmd;
            da.Fill(dt);
            return dt;
        }
        catch (Exception)
        {

            return null;
            throw;
        }
    }
    #endregion
    #region CheckLogin
    public List<Users> checkLogin(string Username, string Password) {
        List<Users> list = new List<Users>();
        DataTable dt = new UsersController().GetAll();
        foreach (DataRow item in dt.Rows)
        {
            list.Add(new Users(item));
        }

        return list.FindAll(delegate(Users obj) {
            return obj.Username == Username && obj.Password == MD5Encrypt(Password);  
        });
    }
    #endregion 
    #region checkUserExit
    public List<Users> checkUserExist(string Username)
    {
        List<Users> list = new List<Users>();
        DataTable dt = new UsersController().GetAll();
        foreach (DataRow item in dt.Rows)
        {
            list.Add(new Users(item));
        }

        return list.FindAll(delegate(Users obj)
        {
            return obj.Username == Username;
        });
    }
    #endregion
    #region ChangePass
        public int ChangPass(int user_id,string Username,string Password)
        {
            try
            {
                SqlCommand cmd = new SqlCommand();
                cmd.Connection = con;
                cmd.CommandText = "update [User] set [username]=@username,[password]=@password where user_id=@user_id";
                cmd.CommandType = CommandType.Text;
                cmd.Parameters.Add("@user_id", SqlDbType.Int).Value = user_id;
                cmd.Parameters.Add("@username", SqlDbType.Int).Value = Username;
                cmd.Parameters.Add("@password", SqlDbType.VarChar, 50).Value = Password;

                return cmd.ExecuteNonQuery();
            }
            catch (Exception)
            {
                return 0;
                throw;
            }
        }
    #endregion
<<<<<<< .mine    #region EncrYpt Pass
=======}
>>>>>>> .theirs    public static string MD5Encrypt(string orgString)
    {
        MD5CryptoServiceProvider mdcsp = new MD5CryptoServiceProvider();
        byte[] b = System.Text.Encoding.UTF8.GetBytes(orgString);
        b = mdcsp.ComputeHash(b);
        StringBuilder s = new StringBuilder();
        foreach (byte by in b)
        {
            s.Append(by.ToString("x2").ToLower());
        }

        return s.ToString();
    }
    #endregion
}
<<<<<<< .mine=======            dt = ds.Tables[0];
            return dt;
        }
        catch (Exception)
        {

            return null;
            throw;
        }
    }>>>>>>> .theirs